Cyber Crime

Pierluigi Paganini July 05, 2014
Massive Boleto fraud in Brazil caused 3,75 USD billion losses

RSA Security has discovered a large-scale malware campaign, which hijacked Boleto payments causing an amount of financial losses for 3,75 USD billion losses. Security experts at RSA Security have recently discovered a large-scale malware campaign that’s been operating at least for two years, the malicious code implements the man-in-the-browser technique to exploit vulnerabilities in popular browsers, including Chrome, Firefox […]

Pierluigi Paganini July 04, 2014
Implications of the crisis in Iraq in the cyberspace

Security Experts at Intelligence firm InterCrawler have analyzed the effect of the crisis in Iraq on the malicious activities in the cyberspace. Cyber threat intelligence firm IntelCrawler has published an interesting post on the repercussion of Iraq Civil disorder on the cyberspace, the company has analyzed the activities within the Iraqi ISP industry discovering worrying signals. […]

Pierluigi Paganini July 03, 2014
CosmicDuke malware surprisingly linked to Miniduke campaign

While investigating on MiniDuke malware, experts at F-Secure discovered a surprising link to a new malware, dubbed CosmicDuke, belonging to Cosmu family. Early 2013 experts at Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security (CrySyS) uncovered a cyber espionage campaign dubbed Miniduke which targeted dozens of computers at government agencies across Europe. The hackers exploited a […]

Pierluigi Paganini July 03, 2014
Geodo, the banking trojan with email self-spreading feature

Security researchers from Seculert firm have discovered a variant of the Cridex banking worm, dubbed Geodo, which spreads itself through email. In the last months a significant number of banking trojans have been proposed by cyber criminal ecosystem, from EMOTET to Dyreza, criminals have used a wide casuistry of techniques to deceive bank customers. The primary purpose of the […]

Pierluigi Paganini July 02, 2014
Dragonfly gang is targeting Western energy industry

Security experts at Symantec have detected a new series of attacks worldwide conducted by the Dragonfly gang on SCADA/ICS in critical infrastructure. The energy industry is under attack, more than one thousand companies in Europe and North America are constantly under attack. ICS/SCADA systems are privileged targets of state-sponsored hackers and cyber criminals, last week I wrote […]

Pierluigi Paganini July 01, 2014
Microsoft Seized No-IP Domains, Millions dynamic DNS users affected

Executing an order of a Nevada Court, Microsoft has seized domains belonging to the No-IP.com Dynamic DNS Service affecting the traffic of million users. Microsoft has executed a large-scale operation against a malware network thought to be responsible for more than 7.4 million infections of Windows machines worldwide. The operation conducted by Microsoft has brought down millions of […]

Pierluigi Paganini July 01, 2014
Kaspersky Lab reveals an increase in RDP bruteforce attacks

Security experts at Kaspersky Lab have issued data related to the number of RDP brute force attacks on its clients which show a worrying trend. In the June Kaspersky Lab has included in its products an Intrusion Detection System, which allowed the company to analyze  more information on going attacks on its clients. Kaspersky has issued the data […]

Pierluigi Paganini June 29, 2014
Why the agreement between ENISA and EUROPOL is strategic?

ENISA and Europol have signed an agreement with the intent to facilitate the cooperation in the fight to the cyber criminal activities. The fight to the cybercrime needs a joint effort of governments, law enforcement agencies and private entities. Cyber threats are becoming even more sophisticated and bad actors behind them are structured in efficient organizations difficult […]

Pierluigi Paganini June 29, 2014
Selfmite, the rare Android worm which spreads itself by sending SMS

Experts at AdaptiveMobile discovered a rare Android SMS worm dubbed Selfmite which spreads itself by sending SMS including a malicious link to the contact list. Security researchers at AdaptiveMobile have discovered a rare Android malware dubbed Selfmite that propagates via SMS text messages, the worm in fact sends malicious links to 20 contacts present in the device owner’s address book. Selfmite […]

Pierluigi Paganini June 28, 2014
EMOTET the banking malware which uses network sniffing

Security Experts at Trend Micro have detected a new banking malware, dubbed EMOTET, which uses also network sniffing capabilities to target bank customers. The number of malware families designed to hit the banking industry is in constant growth, in this first part of the year the number of malicious code used by cyber criminals for […]